RE: SHADOW - ssh autologon problem

From: Richard Gilman (Richard.Gilman@ntn.com)
Date: 01/25/02


From: Richard Gilman <Richard.Gilman@ntn.com>
To: "'Jerry A. Shenk'" <jshenk@decommunications.com>, Focus on Intrusion Detection Systems <FOCUS-IDS@securityfocus.com>
Date: Fri, 25 Jan 2002 09:21:02 -0800

Is it possible that you have installed a new version of ssh? I believe the
SHADOW.conf does a `which ssh` to determine which binary to run. Could it be
finding a different version (i.e. ssh1 vs. ssh2) than the one you are
execute at the prompt. The only other thing that comes to mind is that the
user that has the keys setup with the empty passphrase is somehow not the
same user the fetchem.pl is running under.

Rich

-----Original Message-----
From: Jerry A. Shenk [mailto:jshenk@decommunications.com]
Sent: Friday, January 25, 2002 5:32 AM
To: Focus on Intrusion Detection Systems
Subject: SHADOW - ssh autologon problem

I'm having a bit of a problem with a SHADOW installation that's been
running for two years. The problem is that I can't keep from being prompted
for a password when fetchem.pl runs (using the -debug switch and watching
/tmp/fetchem.log). If I try to scp or ssh from the command-line, I'm right
in, without the password prompt.

--------------------------------------------------------------
Jerry A. Shenk - MCNE, CCNA,
GCIA (GIAC Certified Intrusion Analyst)
GCIH (GIAC Certified Intrusion Handler)
Sr. Systems Engineer - Computer Networking Services
D&E Networks, Inc.
jshenk@decommunications.com (also jas@decns.com)
1-877-433-8632 Fax via efax: (253) 323-5149 (new number 6/9/01)

my website: http://jerryslinux.dyndns.org/jas - PGP sig. file on this site



Relevant Pages

  • Re: Defering passphrase entry with ssh-add
    ... it checks for valid credentials in the agent but continues with other Preferred Authentication mechanisms if not found (ie password prompt). ... There are several drawbacks to ssh adding all keys it found every time you tried an ssh session: ...
    (SSH)
  • Re: some attack to fedora machine .
    ... will compromise the BIOS, these will be cross platform, they will affect ... F8 installation last December. ... Each and every time the invader came in through ssh. ... Window$ maybe Window$, and *nix *nix, but because window ...
    (Fedora)
  • Re: some attack to fedora machine .
    ... Please check below link for antivirus program download for linux. ... F8 installation last December. ... Each and every time the invader came in through ssh. ...
    (Fedora)
  • Re: some attack to fedora machine .
    ... Please check below link for antivirus program download for linux. ... will compromise the BIOS, these will be cross platform, they will affect ... F8 installation last December. ... Each and every time the invader came in through ssh. ...
    (Fedora)
  • Re: Question on input password on ssh prompt
    ... I am writing a perl script running on the XP, ... command to the remote host. ... However right after I made the system call for ssh, ... 'perldoc open' or consult the documentation for your Perl installation. ...
    (comp.lang.perl.misc)